Firewall Wizards mailing list archives
DNS -vs- the firewall: security thoughts
From: Bennett Todd <bet () rahul net>
Date: Mon, 9 Mar 1998 03:51:00 -0800
I'm currently contemplating a serious redesign, doing away with DNS from the internet altogether. We use _nothing_ but non-transparent proxies on the firewall, so I can't see any good reason why end-user workstations should need to be able to resolve internet hostnames. I'd really love to chop that off altogether; people are getting cleverer about using bizarrely-corrupted DNS data to burgle systems. -Bennett
Current thread:
- Re: BIND-8.1.1 w/ "allow-query" OR split-DNS? Matthew Patton (Mar 07)
- DNS -vs- the firewall: security thoughts Bennett Todd (Mar 09)
- Re: DNS -vs- the firewall: security thoughts Paul D. Robertson (Mar 10)
- Re: DNS -vs- the firewall: security thoughts Bret Watson (Mar 10)
- Re: DNS -vs- the firewall: security thoughts Bennett Todd (Mar 10)
- Re: DNS -vs- the firewall: security thoughts Joseph S. D. Yao (Mar 11)
- DNS -vs- the firewall: security thoughts Bennett Todd (Mar 09)